1. Field of the Invention
The present invention relates generally to an extensible authentication protocol (EAP). More particularly, the present invention relates to a method of performing an authentication between an authentication server and a client.
2. Description of the Related Art
The present invention suggests a communication system that does not require user authentication as in a wireless local area network (WLAN). The WLAN, and the problems that occur in a communication system requiring no user authentication, are explained here to facilitate understanding of the present invention. The WLAN is called Wi-Fi in that it is conveniently used like hi-fi audio. Personal digital assistants (PDAs) or notebook computers positioned within a predetermined distance of a point at which access points (APs) are installed can use ultrahigh-speed Internet. Unlike a wired LAN, the WLAN uses radio frequencies and thus does not need telephone lines or private lines. However, the PDAs or notebook computers must contain wireless LAN cards.
The transmission rate of the WLAN is 4 Mbps to 11 Mbps, so it can receive and transmit large volumes of multimedia information. In addition, the usage rate of the WLAN is inexpensive compared to its usage time, and the WLAN is outstanding in terms of mobility and security. Therefore, the WLAN is very useful for temporarily installing a network in department stores, hospitals, museums, exhibitions, seminars, construction sites, or the like.
FIG. 1 shows an AP and a plurality of clients (nodes) constituting a conventional WLAN. Operations performed by devices constituting the conventional WLAN will now be described with reference to FIG. 1.
An AP 100 is linked to a plurality of clients 110, 112, 114, and 116. The AP 100 transmits data received from the plurality of clients 110, 112, 114, and 116 to an external server or receives data solicited by the plurality of clients 110, 112, 114, and 116 from the external server. The AP 100 transmits the data received from the external server to the plurality of clients 110, 112, 114, and 116.
The plurality of clients 110, 112, 114, and 116 transmit data to or receive data from the external server using the AP 100.
Suppose that the clients 110, 112, 114, and 116 try to access the AP 100. In general, the AP 100 can serve the plurality of clients 110, 112, 114, and 116 only within a set radio resource. Thus, when the radio resource solicited exceeds the set radio resource, the AP 100 allows only some of the clients 110, 112, 114, and 116 soliciting access to access the AP 100, according to a predetermined protocol.
In general, the AP 100 gives priority to the client that first tried to access the AP 100 and allows clients to access according to that priority.
The client provides the AP with the state information that the AP requests. (For example, the state information can be the IP address of the client.) Meanwhile, if a third client can collect the state information of a current client, the third client is able to access the AP in place of the current client. (Following the same example, the third client can attempt to steal the IP address assigned to the victim client. This would be service theft.)
In this regard, various solutions have been suggested to prevent the third client from accessing the AP using the state information of the current client.
In general, the WLAN authenticates a client using an extensible authentication protocol (EAP). For this purpose, the WLAN includes an authentication server in addition to a client and an AP.
According to the conventional EAP, the authentication server authenticates a client using a user password. Also, the client must be authenticated before it accesses a network.